CVE-2026-40493
SAIL · SAIL library
The PSD codec in the SAIL image library incorrectly calculates buffer allocation for LAB mode images, resulting in a deterministic heap buffer overflow during pixel processing.
Executive summary
A critical heap buffer overflow in the SAIL library PSD codec allows unauthenticated remote attackers to trigger memory corruption via malformed LAB mode images.
Vulnerability
The vulnerability stems from an incorrect calculation of bytes-per-pixel for specific PSD LAB mode configurations. This leads to an undersized allocation, causing every pixel write operation to overflow the allocated heap buffer.
Business impact
With a CVSS score of 9.8, this vulnerability poses a severe risk to any system using the SAIL library to parse untrusted images. Exploitation likely results in application instability or arbitrary code execution, potentially leading to a total compromise of the host system.
Remediation
Immediate Action: Update the SAIL library to commit c930284445ea3ff94451ccd7a57c999eca3bc979 or newer.
Proactive Monitoring: Review system logs for recurring crashes or abnormal memory usage patterns in services that handle user-uploaded PSD files.
Compensating Controls: Use a Web Application Firewall (WAF) or file sanitizer to block or validate PSD files before they reach the backend processing engine.
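One way to implement the file-validation control above for files about to be handed to the PSD decoder, as an added example (not SAIL code and not part of the original advisory): it parses the fixed 26-byte PSD header and holds back LAB mode files. The function names and the quarantine policy are assumptions; the header layout and the Lab color-mode value 9 come from the published PSD file format.

```python
import struct

# Fixed 26-byte PSD header, big-endian (published Photoshop file format):
# signature(4) version(2) reserved(6) channels(2) height(4) width(4) depth(2) mode(2)
PSD_HEADER = struct.Struct(">4sH6sHIIHH")
COLOR_MODE_LAB = 9  # PSD color-mode value for Lab


def parse_psd_header(data: bytes) -> dict:
    """Return the header fields, or raise ValueError for a malformed header."""
    if len(data) < PSD_HEADER.size:
        raise ValueError("truncated PSD header")
    sig, version, reserved, channels, height, width, depth, mode = \
        PSD_HEADER.unpack_from(data)
    if sig != b"8BPS" or version not in (1, 2):
        raise ValueError("bad signature or version")
    if reserved != bytes(6):
        raise ValueError("reserved bytes are not zero")
    if not 1 <= channels <= 56 or depth not in (1, 8, 16, 32):
        raise ValueError("channel count or depth outside format limits")
    if width == 0 or height == 0:
        raise ValueError("zero image dimension")
    return {"channels": channels, "width": width, "height": height,
            "depth": depth, "mode": mode}


def psd_gate(data: bytes) -> str:
    """Hypothetical policy: hold every LAB mode PSD until the decoder is patched."""
    try:
        header = parse_psd_header(data)
    except ValueError:
        return "reject"
    return "quarantine" if header["mode"] == COLOR_MODE_LAB else "allow"


def sample_header(mode: int, channels: int = 3, depth: int = 8) -> bytes:
    """Constructed sample input: a 64x64 PSD header with the given mode."""
    return PSD_HEADER.pack(b"8BPS", 1, bytes(6), channels, 64, 64, depth, mode)


if __name__ == "__main__":
    for name, blob in [("rgb", sample_header(3)), ("lab", sample_header(9)),
                       ("junk", b"not a psd")]:
        print(name, psd_gate(blob))
```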
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
The deterministic nature of this overflow makes it a highly reliable target for exploitation. Administrators should treat this as a high-priority update and ensure all affected instances of the SAIL library are patched immediately to protect against memory corruption attacks.